Does VPN Alone Provide Web Anonymity? No, but It Comes Close with Tor and More
Is 100% web anonymity possible? Maybe not, but the right mix of VPN service, Tor, and Bitcoins can provide powerful online identity protection. Share
Privacy-seekers and political activists around the world are desperate for anonymous web browsing. For this market, simple privacy is not enough*. They want online access without leaving any traces of their identities behind.
Yet achieving it is difficult to say the least, thanks to the online traffic monitoring efforts and deanonymization abilities of government spy agencies, like the NSA. In fact, search engine results for the keyword “web anonymity” contain several articles that say the endeavor is a unicorn.
From one perspective, these articles are correct. A truly determined adversary will eventually find a way to track its targets. Yet from another perspective, truly determined privacy seekers can achieve nearly anonymous internet access when they use the right mix of the Tor anonymity network, a VPN network, and Bitcoins.
Simply put: this is a powerful set-up that removes all identifying information from your online connection.
So in this article, we’ll explain how each ingredient works together to provide this excellent web anonymity as well as discuss some of its pros and cons.
Start with Tor via TAILS
Tor is free software and an open network that helps you defend your web anonymity against traffic analysis. Edward Snowden, for example, is said to have used Tor for his whistle-blowing activities. This network takes your original DNS request and routes it through three encrypted nodes before granting the request.
There are multiple ways to access the Tor network, and the most privacy-concerned users do so through The Amnesic Incognito Live System (TAILS). This is an operating system launched from a DVD, USB stick, or SD card. When you boot up with TAILS, all of your internet connections rout through the Tor network automatically. Like Mac’s OS or Windows, TAILS comes with several built-in applications, such as a web browser, instant messaging client, email client, office suite, and an image and sound editor. The major difference is that TAILS’ programs a pre-configured with security in mind, unlike the Apples and Microsofts of the world.
The main problem with using the Tor by itself is government agencies have begun targeting it. Just last year, the Tor project accused the FBI of colluding with Carnegie Mellon University to help the agency deanonymize users. In the accusation, Tor said the FBI paid a reported $1 million to the University, enabling it to launch a sophisticated attack. On one day, 100 malicious machines joined the network and began to deanonymize people who operated and accessed Tor hidden services.
Tor reacted quickly and eliminated the malicious machines, but damage may have been done. The U.S. government reportedly used information that coincided with this breach to shut down websites on the dark web that sold illegal goods and services, including the Silk Road 2.0 drug bazaar.
Add A VPN for an Extra Layer of Protection
The biggest clue that unravels your web anonymity is your IP address. Luckily, a trusted VPN can go a long way toward eliminating this problem.
After launching your Tor browser, connecting to a VPN will mask your Tor-given IP address with one from the service. So, even if trackers discover your activity coming out of Tor, they cannot track for long.
This setup of VPN through Tor has many web anonymity benefits:
- the VPN provider cannot ‘see’ your real IP address – only that of the Tor exit node.
- All of your internet traffic is still routed through Tor.
- You are protected from malicious Tor network participants because the VPN network encrypts data before it enters/exits Tor.
- The VPN can geo-spoof your location.
- You can access the web sites that block Tor exit nodes.
There are some downsides as well for web anonymity. For example, not all VPN services allow VPN through Tor. Read our reviews to find the best VPNS for this set-up.
Another problem is that quality VPN service costs money. This is problematic because payment records leave a major trail for government agencies to follow. In a high-profile U.S. court case, for example, the FBI investigated payments made from a criminal defendant to the parent companies of Private Internet Access and HotspotShield VPN.
Pay with Bitcoins
The payment record worry disappears, however, if you pay with Bitcoins. We’ve covered Bitcoin operations and cryptography in other articles. For our purposes here, the important point is this virtual currency is untraceable to its source payor, if you execute the transaction correctly.
It’s also important to say that not all VPN services accept Bitcoin. This makes virtual currency acceptance a key decision point for any privacy seeker looking at VPNs.
Lastly, the issue of payment is vital because it’s a best practice to switch VPN providers periodically. By doing so, you’ll reduce the potential of trackers monitoring a constant VPN IP address. Just make sure you pay with properly-mixed Bitcoins, no matter which VPN service you pick.
This Web Anonymity System Sacrifices Speed
Compared to direct access to servers, the Tor system is slow. The network provides anonymity by building circuits with three relays, which takes more time. The network also tries to build circuits with relays in different countries, which make connections travel more.
While they operate differently, VPNs also route your connection to a distant server (although many services allow you to pick the server to connect to).
When these two elements combine, the result is a reliably slow connection.
Summary: Web Anonymity Requires 360 Degrees of Attention
For everyday internet surfers, web anonymity is neither realistic or in demand. And for those users who want an added level of privacy, a VPN will take care of all your needs.
Yet the internet is used for an ever-increasing spectrum of activity, and several people need to protect their identity as a matter of life or death.
If you are one of them, this system of Tor, a VPN, and Bitcoin payments is about as good as you can do. For the trade-off of some browsing speed, your IP address will be buried beneath a complex web of encryption.
For all these precautions, there are several other ways investigators can track your online activity, including (but certainly not limited to), discovering account logins with identifying information, capturing data through fake websites, and deanonymizing users via malicious downloads. These techniques show that what you do on the internet can unmask your identity as much as your connection.
We’d love to hear your thoughts. Do you want complete web anonymity? Is there a better way of hiding your online identity than the system we’ve described here? Let us know in the comments.
*We here at vpnMentor support those who prize their privacy. We do not, however, condone any illegal activity.